Connect with us

Finance

A NEW AGE IN CYBERCRIME: HOW THE FINANCIAL SERVICES SECTOR CAN PROTECT ITSELF AGAINST THE LATEST THREATS

Published

on

Max Locatelli, Regional Director Western Europe at Infoblox  

 

Financial Services (FS) firms have traditionally faced a host of different obstacles when it comes to protecting their users’ data from cybercriminals. With a growing number of regional regulation requirements and laws as well as general security and compliance concerns, the landscape is growing increasingly complex each year. Add to this the many layers of sensitive and financial information that they regularly handle and it’s easy to see why FS organisations have become one of the most high-value targets for those looking to make a quick profit. This was only exacerbated when the pandemic broke out last year.

As office closures took hold and the majority of operations became virtual, many FS organisations were forced to embrace digital transformation at a rapid pace in order to continue to deliver their services and try to achieve some level of “business-as-usual.” As a result, the digital attack surface these organisations had to defend expanded significantly. Individuals moving from centralised locations — i.e. the office — to the edge of the network, brought greater risk and many FS organisations found themselves vulnerable. Meanwhile, innovative cybercriminals were able to adapt rapidly and take advantage of the chaos to launch multiple attacks. In fact, a recent cybersecurity report from Infoblox — released in May 2021 — found that over half of all FS firms (54%) were hit by data breaches during a 12-month period, while nearly half (49%) encountered cloud-based malware attacks.

With hackers getting more sophisticated and a new wave of cyberattacks just around the corner, FS organisations need to act today. If they fail to adapt to the landscape and adopt a proactive approach to cybersecurity, the consequences could be severe.

 

A costly business

For FS organisations, a single data breach can have far reaching consequences. Depending on the severity of the attack, and how much and what type of data is impacted, some might never fully bounce back.

For example, one of the biggest data breaches in recent history involved US-based credit rating agency Equifax. In 2017, due to flaws in the company’s systems, 145 million people’s personal records were compromised by hackers. The breach was sizable but what really made it so alarming was the sensitive nature of the breached data, which ranged from full names and addresses to credit card information. Equifax has now revealed that costs relating to the incident, as well as expenditure on IT and data security, have reached at least $1.35 billion, excluding legal fees for lawsuits.

Equifax is far from being the only company to face severe financial repercussions following a breach. In fact, Infoblox’s report discovered that on average, FS firms that experienced a data breach reported an estimated average loss of roughly $4.2 million. Of course, this goes up if we take into account the unplanned network outages that often follow a successful cyberattack.

Financial repercussions are the top impact of network outage attacks, with 60% of FS organisations agreeing. However, it’s not just the initial cost that victims need to worry about. Almost half (45%) of respondents also highlighted the reputational damage caused by a breach. This can have a long-term impact, both on retaining current customers and the ability to win new ones. In today’s ultra-connected, competitive landscape, it ultimately could be the difference between a business thriving and failing.

 

A new threat landscape calls for a new security approach

With recent research discovering that one in four UK FS workers would like to work fully remote post-pandemic and the vast majority (69%) in favour of a hybrid model – the digital landscape is only becoming more complex. Network architecture will no longer be centralised on a physical campus, with a core data center into which users connect. This requires security practices to adapt to a cloud-first environment. It’s far from surprising that PwC recently discovered that 70% of firms are planning to invest more in cybersecurity over the next 12 months.

In order to make these investments count and defend against the latest and most sophisticated threats, FS organisations must set strong IT foundations for defending the expanded enterprise. One way to achieve this is to use cloud-managed DDI to simplify and scale connectivity across all corporate devices wherever they sit . This integration of Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP) and IP address management (IPAM) into a unified service, is designed with the modern borderless enterprise in mind, to eliminate the management complexities of backhauling traffic through the traditional branch office.

DDI provides visibility into the activities of each connected device — giving networking teams deeper insight into potentially suspicious activities. 90% of malware touches DNS — the first D in DDI — when entering or leaving the network, making DNS a critical detection tool that, when connected to the security stack, can enable stronger threat remediation for FS businesses. Additionally, DDI includes a software-defined perimeter that supports network identity and context for policy rules and their enforcement in security orchestration, automation and response (SOAR); security information and event management (SIEM); cloud access security brokers (CASBs); zero trust; next-generation firewalls and more. Ultimately, DDI enables FS firms to boost control and quickly detect and fix any vulnerabilities, no matter where they originate or where users are based. It could be an invaluable tool in our new hybrid landscape.

Whilst every single organisation operating in the world today is a potential victim of cybercrime, FS firms are a particularly obvious target. In order to avoid the potentially devastating cyberattacks of tomorrow, action needs to be taken today. Cybersecurity today needs a proactive approach that stretches across the extended infrastructure and protects users no matter where they are located. It is only then that FS organisations can truly say that they are adequately prepared for whatever security threat is around the corner.

 

Business

Financial Stability Board Gives Full Support to Wide LEI Use in Global Payments

Published

on

By

Clare Rowley, Head of Business Operations at the Global Legal Entity Identifier Foundation

The strongest recommendation yet by the Financial Stability Board (FSB) that the LEI should be used more widely in payments will catalyze increased global LEI adoption. The most immediate intention is in facilitating cross-border payments. GLEIF explains why this makes it the perfect time for financial institutions to become Validation Agents within the Global LEI System.

The Financial Stability Board (FSB) has put its full weight behind a landmark recommendation that the LEI should be widely adopted across the global payments ecosystem. In July 2022, the FSB published a report encouraging global standards-setting bodies and international organizations with authority in the financial, banking, and payments space to drive forward LEI references in their work. The report also recommends guidance and further outreach on the use of the LEI as a standardized identifier for sanctions lists and as the primary means of identification for legal entity customers or beneficiaries, with specific reference to customer due diligence and wire transfers.

A primary near-term goal of the FSB’s most recent report, published as part of the G20 Roadmap for Enhancing Cross-Border Payments, is to stimulate LEI to use initially in cross-border payment transactions. By helping to make these transactions faster, cheaper, more transparent, and more inclusive, while maintaining their safety and security, the LEI has been deemed by the FSB to support the goals of the G20 roadmap.

As a result, banks and financial institutions will now be compelled to move quickly to incorporate the LEI as an integral component of their cross-border payments infrastructure, since there are huge benefits in doing so. In addition to supporting lower costs and enhanced transaction speed and transparency, the LEI can also facilitate straight-through processing (STP) and sanctions screening, while easing compliance with Know-Your-Customer (KYC) due diligence.

Additionally, the report recommends that standards bodies (e.g., BCBS, CPMI, IOSCO, FATF) and international organizations (IMF, OECD, World Bank) should consider how the LEI may be used as a standardized identifier for sanctions lists or as the primary means of identification of legal entity customers or beneficiaries. This demonstrates the broader ecosystem needed to support cross-border payments evolution – an ecosystem based on a single global identifier for legal entities that can be used to facilitate compliance checks across various resources.

With this in mind, banks and financial institutions who may soon need to ensure their legal entity clients possess an LEI to engage in certain payment transactions, cross-border or other, should feel motivated to leverage the benefits of becoming a Validation Agent within the Global LEI System. The advantages are two-fold: enhanced customer service, through a simpler, faster, and more convenient LEI issuance process for customers; and huge efficiencies in client onboarding and lifecycle management for the bank or financial institution. It really is a win-win scenario.

 

The wider impact of LEI adoption in cross-border payments

While the FSB’s report is intended to promote LEI use in cross-border transactions, both the strength and far-reaching scope of its recommendations are likely to be a catalyst for the LEI to be more broadly implemented across many other payment scenarios too. After all, if banks and financial institutions need to equip customers with an LEI to participate in cross-border transactions, then it’s a logical next step for participants in the payments ecosystem to leverage and optimize those LEIs to drive efficiencies across their other payment operations, and to bring enhanced transparency and trust benefits for customers.

There is already a healthy pipeline of active consultations and commitments by financial regulators aimed at recommending or mandating LEI use more broadly within the global payments space.

  • Last year, the European Commission (EC) officially recognized the value of the LEI as a unique mechanism capable of supporting transparency in AML and countering the financing of terrorism (CFT) efforts. It issued two legislative proposals that call for the LEI to be used in certain customer identification and verification scenarios where available.
  • The EC also launched a separate initiative last year to identify obstacles to the creation of efficient pan-European instant payments solutions. As part of its consultation strategy, the EC issued a survey for the purpose of exploring the potential for the LEI to support the screening of instant payment transactions against sanction and watch lists.
  • The Bank of England (BoE) affirmed its position to support wider uptake of the LEI and will introduce the LEI into ISO 20022 standard for CHAPS payment messages on an ‘optional to send’ basis in February 2023. While the BoE encourages all CHAPS Direct Participants to start using LEIs as early as possible, it will not become mandatory until spring 2024, at which time the BoE will begin mandating LEIs to be used in certain circumstances, with a vision to widen out the requirement to all participants over time. In particular, the BoE will mandate the use of the LEI where the payment involves a transfer of funds between financial institutions. The BoE will also monitor the use of the LEI for all transactions, with a view to assessing whether the mandatory requirement to include LEI data should be extended to all CHAPS payments.
  • In order to further the use of LEI in cross-border transactions and facilitate cross-border trade and investment, the Chinese Cross-border Interbank Payment System (CIPS) designed an innovative product “CIPS Connector”, which provides an integrated “one-step” service for a variety of cross-border RMB transactions between banks and enterprises. Every CIPS Connector user is assigned with an LEI, which is used for activating the tool as well as a mandatory business element in their business transaction.
  • In January 2021, and in a move that was the first of its kind, the Reserve Bank of India issued a mandate for the LEI in all payment transactions totaling ₹ 50 crore and more undertaken by entities for Real-Time Gross Settlement (RTGS) and National Electronic Funds Transfer (NEFT).

 

Why the LEI in payments?

The LEI is considered an important tool in payments as it is designed for identifying unique parties to each transaction. It meets a fundamental requirement in payment processing – precise identification of the payer and payee. No other current identifier in payments offers this. International Bank Account Numbers (IBANs) for example are used for uniquely identifying payer/payee accounts, while Business Identifier Codes (BICs) are used for routing the payments to the relevant divisions/sub-divisions of financial institutions.

Today’s highly digitized payment networks require faster, cheaper, and more secure transactions. When the LEI is added as a data attribute in the payment messages, any originator or beneficiary legal entity can be instantly and automatically identified.

 

Become a Validation Agent

When viewed collectively, these developments show that LEI advocacy has never been stronger in the payments space. This signals that the LEI could be the widely implemented trust tool of choice for payments in the near future. With that in mind, GLEIF urges banks, and financial institutions to consider taking a proactive approach to supporting voluntary customer adoption of the LEI and getting ahead of recommendations or mandates in the payments space.

Becoming a Validation Agent in the Global LEI System is now the obvious choice. In addition to easing the process of LEI implementation further down the line by making LEI issuance more convenient and accessible for customers, becoming a Validation Agent can deliver some significant advantages for financial institutions themselves. By utilizing ‘business-as-usual’ onboarding processes to obtain LEIs for clients, financial institutions can improve customer experience, facilitate digital transformation, and reduce client lifecycle management costs.

Continue Reading

Business

On-demand pay: why payroll needs a modern approach

Published

on

By

Byline:  Paul Bartlett, CEO, CloudPay

 

While the world of work has evolved drastically over the last decade, payroll has arguably fallen behind the curve. In fact, how businesses view employee pay today is outdated and fails to meet the expectations of the modern workforce which, with the UK’s critical skills short labour market, could prove detrimental. People now expect on-demand services in their personal lives, from their shopping experience to their access to entertainment, and this need for a ‘consumerised’ experience has filtered into many business practices. But payroll has yet to catch up.

Financial technology is certainly gaining prominence across the globe as it gradually replaces traditional financial services such as banking, payments and electronic commerce. In fact, a recent fintech market report shows that the global financial technology remit is expected to reach a market value of approximately $324 billion by 2026, growing at an annual rate of around 25.18% over the 2022-2027 forecast period. So, soon enough, payroll will be expected to keep pace with the rest of the fintech field.

Paul Bartlett

A shift in mindset

Ultimately, most employees are consumers and our digitalised world means that consumers are able to instantly access almost anything through an app. Getting to your next destination and accessing a range of takeaways has never been easier with Uber and same day deliveries through Amazon have meant that shopping online has grown in popularity. In an era where instant results are the norm, it should come as little surprise that individuals are now asking why they should wait to access wages they’ve already earnt. With technology making it so easy to consume, why should they wait for payday to get paid for the work they’ve done?

It’s also important to consider how the world of work itself has changed. The pandemic has led to a general consensus that it’s ok to question norms in society, and workers are now expecting more from their employers, including how and where they work. As we all know, mass remote working wasn’t commonplace before the pandemic, but now the benefits that businesses and employees have experienced have resulted in new ways of working, with some countries even making the work from home option a legal right. Eventually, the same could be said for how people get paid as greater flexibility and a better work-life balance rises in demand.

Pay on-demand

In line with the progression of the working world, employees are increasingly beginning to question how and when they get paid. For staff in the UK, the cost-of-living crisis has increased the desire for more flexibility around access to pay. Businesses themselves are also questioning how age-old processes can be improved and we’re seeing more firms seeking to update legacy systems and processes, which has led to demand for digital payment capabilities for employee pay.

However, there’s a fundamental question about paying employees in arrears – why should employees effectively loan money to their employer until payday? It’s now possible to allow employees to effectively choose their own payday (or paydays) with on-demand access to earned wages via a mobile app. Progressive employers, such as Nando’s, are offering this pay on-demand facility as a low-cost, high-value benefit to employees, giving them control and flexibility over how and when they receive their salary.

Nando’s Singapore

In the case of Nando’s Singapore, a brand that revolves around its people, the firm recognised that its payroll system needed to be updated. The main business challenges centred around a highly competitive jobs market, with many more vacancies than people available to work in the country, making it tough to recruit front-line staff. This, coupled with the difficulties of retaining talent when competing with the gig economy, a segment of the workforce known for paying workers frequently, was presenting a significant challenge for the firm. Furthermore, monthly pay cycles were necessitated by Singapore’s requirement for employees to have a monthly payslip to qualify for access to government benefits and the 80% government-owned housing market.

The combination of these challenges and the delicate balance of the need for monthly pay vs. pay flexibility led Nando’s Singapore to look for a more flexible solution. The solution? Pay on demand options for staff. So, what does this change and what does it mean for the firm and its workers?

When a pay on demand solution is in place, Nando’s employees will receive their monthly payslips as usual. There are also no adjustments to existing payroll processes and finance reporting, which means no extra administrative burden on the payroll team. What will change, though, is that Nando’s staff will no longer have to wait until the end-of-month payday to receive wages they’ve already worked for. Pay on demand and pay to card gives employees more control of managing their own cashflow, allowing them to instantly access their earned wages when they need them, via a mobile app rather than requesting pay advances from their employer.

Overall, the decision to seek an earned wage access solution will mean that staff will have flexible pay, supporting Nando’s recruitment and retention efforts while also delivering an enhanced employee value proposition. As Moji Neshat, General Manager at Nando’s Singapore explained, “We know unexpected bills and short-term cashflow challenges can create a lot of stress for our teams. With CloudPay NOW all our team members will be able to access their wages the very next day after working, removing that stressful wait until payday.”

Moving forwards

Sophisticated technology is playing a role in making tedious or labour-intensive processes quicker and easier in our everyday lives, and it can – and should – have the same impact for payroll. The likes of pay on demand may appear on the surface to be complex to manage, but can in fact streamline processes.

When we think back to when online payments were first introduced, there were understandable concerns around the change – but very few of us today could imagine life without mobile banking, and the ease and speed it brings to making and receiving payments. Why shouldn’t payroll follow the same path?

Continue Reading

Magazine

Trending

Business2 days ago

Financial Stability Board Gives Full Support to Wide LEI Use in Global Payments

Clare Rowley, Head of Business Operations at the Global Legal Entity Identifier Foundation The strongest recommendation yet by the Financial...

Business2 days ago

On-demand pay: why payroll needs a modern approach

Byline:  Paul Bartlett, CEO, CloudPay   While the world of work has evolved drastically over the last decade, payroll has...

Business2 days ago

 ‘What should real estate investors be doing now – has the market hit rock bottom or is now the time to buy?’

Following many years of housing prices soaring and competition steadily increasing, real estate growth has finally started to slow, likely...

Business3 days ago

Expert Guide for Email Marketing to Improving Your Conversion Rates

If you talk about email marketing campaigns, it would seem like an old-fashioned advertising style. But it is still an...

Banking5 days ago

Augmented automated underwriting and the evolution of the life insurance market

By Alby van Wyk, Chief Commercial Officer at Munich Re Automation Solutions   It’s almost inevitable. Spend your working life...

Banking6 days ago

ESG in the finance and banking industry – are you ready?

By Julian Moffett, CTO BFSI, EDB   Environmental, Social and Governance (ESG) has soared towards the top of banking, financial...

Top 107 days ago

An Entrepreneur’s Guide to Investing in Bitcoin

Marcus de Maria, Founder and Chairman of Investment Mastery.   Over recent years, Bitcoin has been steadily growing in popularity...

Business7 days ago

Overcoming macroeconomic challenges

By Mike Chambers, formerly CEO of Bacs and a consultant at Access PaySuite.   For businesses offering a subscription-based service, the...

Banking1 week ago

How unlocking the potential of tokenised markets can help banks keep pace with the digital economy

Giulia Secco is the Strategic Partnership & Ecosystem Manager at Fnality International.   In the aftermath of the 2008 financial...

Banking1 week ago

The role of Artificial intelligence in compliance at banks

Sujata Dasgupta, Global Head – Financial Crime Compliance Advisory, Tata Consultancy Services   There’s not a financial institution across the...

Technology1 week ago

Scaling securely in the automation-first era

By Brandon Traffanstedt, Sr. Director, Field Technology Office at CyberArk   Robotic process automation (RPA) has been one of the...

Business2 weeks ago

Putting technology to work on entrepreneur fund-raising

By Simon Glass, CEO, Qodeo   Human relationships are behind the most successful venture capital deals. The chemistry between an...

Finance2 weeks ago

Why leveraging strong identity verification is the key to remaining competitive for financial services

By Philipp Pointner, Chief of Digital Identity at Jumio   With the recent revelation that Facebook is allowing sales of...

Business2 weeks ago

AI and Super Apps to BNPL : How fintech can help the cost-of-living crisis

By Anna Porra, European Strategy Director at Marqeta   As the cost-of-living continues to increase, financial wellbeing is becoming a...

Interviews2 weeks ago

Interview with Devin de Vries, founder and CEO at WhereIsMyTransport

Where did the idea for WhereIsMyTransport come from? At WhereIsMyTransport, we are working to ensure that better data and technology...

Business2 weeks ago

Tips to Overcome ESG Data Selection Challenges

Gediminas Rickevičius, VP of Global Partnerships at Oxylabs   Environmental, Social, and Governance (ESG) guidelines promise better investment outcomes with...

Business2 weeks ago

The payments boom explained…  

Kosta Du   It has been clear for a while that we are quickly moving into a cashless society –...

Business2 weeks ago

Automation – the key to ensuring your organisation survives tough times and thrives

By Paul Sparkes, Commercial Director   Business is going to get tougher Your cashflow is under increasing pressure. The very...

Business2 weeks ago

How automated Digital Adoption Platforms (DAPs) improve customer engagement within financial services

By Khadim Batti, Co-founder and CEO of Whatfix   Automation is everywhere across financial services;. McKinsey notes that up to...

News2 weeks ago

Why Anti-Money Laundering is no longer just a tick box exercise

Tremors following Russia’s invasion of Ukraine have been felt around the world. At a time when customers are already demanding...

Trending